Vulnerabilidades em Elastic
233 resultadosCVE-2024-52976MEDIUMElastic Agent Inclusion of Functionality from Untrusted Control SphereEPSS 0.2%CVE-2025-68386MEDIUMKibana Improper AuthorizationEPSS 0.2%CVE-2025-37731MEDIUMElasticsearch Improper AuthenticationEPSS 0.2%CVE-2017-8445—An error was found in the X-Pack Security TLS trust manager for versions 5.0.0 to 5.5.1. If reloading the trust material fails the trust manEPSS 0.2%CVE-2024-37284MEDIUMElastic Defend Improper Handling of Alternate Encoding Leads to CrashEPSS 0.2%CVE-2023-46669MEDIUMElastic Agent / Elastic Endpoint Security local API key disclosureEPSS 0.2%CVE-2025-37732MEDIUMKibana Cross-site Scripting via the Integration Package Upload FunctionalityEPSS 0.2%CVE-2025-37730MEDIUMLogstash Improper Certificate Validation in TCP outputEPSS 0.1%CVE-2026-42401MEDIUMImproper Neutralization of Input During Web Page Generation in Kibana Leading to Stored HTML InjectionEPSS 0.1%CVE-2025-37735HIGHImproper preservation of permissions in Elastic Defend on Windows hosts can lead to arbitrary files on the system being deleted by the DefenEPSS 0.1%CVE-2025-25011HIGHBeats Uncontrolled Search Path Element can lead to Local Privilege Escalation (LPE) when using the Windows InstallerEPSS 0.1%CVE-2026-33467MEDIUMImproper Verification of Cryptographic Signature in Elastic Package Registry Leading to Package Integrity BypassEPSS 0.1%CVE-2025-0712HIGHAPM Server Uncontrolled Search Path Element can lead to Local Privilege Escalation (LPE) when using the Windows InstallerEPSS 0.1%